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IN THE CLAIMS: 

52-55. (Canceled) 

56. (Currently Amended) A system for syst e m s e curity in a distribut e d s ystem 
network that includes a security policy server, an identification authority server, a 
revocation authority server, verification authority server* and a user computer , 
comprising: 

a) m e ans for preparing a stat e m e nt of on assigned revocation authority in a 
distributed sy s tem network - in re spons e to a policy ^id- f e v o wtien authority - stat e m e nt 
boing - as se eiat e d - with an initial stat e m e nt ; 

b) m e ans for pr e paring a module within the identification authority server that, 
pursuant to a long-term policy received from said security policy server and a request 
from said user computer, prepares and sends to said user computer, via a public 
network to which said user computer* identification authority server, revocation 
authority server, and said verification authority server are connected, a n identification 
certificate that includes statem e nt of a freshness constraint p e riod represented by a time 
duration referenced to time of said request by said user computer in the distributed 
system n e twork in re s pon s e to s a i d pQ li oy ^s a id- fro sh fi e fls stat e m e nt b e ing associat e d with 
said r e vocation authority stat e m e nt ; 

a module within said revocation authority server for storing in a memory 
means for preparing a validity statement at said - as s ign e d r e vocation authority in th e 
distribut e d system n e twork in response to said a received short-term policy, and for 
u pdating said validity statement at specified intervals, said validity statement including 
a verification status at some temporal reference; 

4) means for providin g, in response to a request initiated by said user computer. 
said identification certificate r e vocation authority stat e m e nt, said fr e shness stat e ment, 
and said validity statemen t retrieved from said memory, to said verification authority 
server, via said public network t o a verification authority in the distribut e d syst e m 
n e twork ; and 

e) a module within said verification authority server means for s e lectiv e ly 
verifying that said request is within said time duration and said validity statement 
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permits serving said request by said user computer said initial Gtatomont at paid 
v e rification authority in r e spons e to said initial stat e m e nt, said r e vocation authority 
s tat^nont rs a id- freshne ss statem e nt, and s aid validity stat e m e nt . 
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